URGENT: DPP Security Hole


markrgitol
12-14-2007, 09:14 AM
Greetings DPP Administrators and fellow DPP members,

As part of my curiosity, as well as a little effort to help DPP using my knowledge in the software industry, yesterday I started to try finding security holes in the DPP website. I am no expert in hacking, but the security hole I discovered just before I posted this can be easily exploited by skilled hackers, and we can never predict the scale of the consequences it could bring.

For security reasons, I decided not to disclose the details of the attack. Administrators can contact me via email for the details.

I am hoping that you will not see what I am doing (the finding of security holes) from a negative perspective. I love this site. I learn a lot here. I wouldn't try to do anything that would harm this site. I craft my tests in such a way that they expose the security holes without doing real damage.

Thank you and more power.

Edwin_Martinez
12-14-2007, 09:19 AM
Another thing I noticed is that the right click is not disabled, thus any guest can save the images for their own purpose.

Glenn Michael Tan
12-14-2007, 10:16 AM
Another thing I noticed is that the right click is not disabled, thus any guest can save the images for their own purpose.

There is no fix for this. Even if you disable the right click, the fact that the image is displayed on the browser means you can extract the image. And there's always print screen :)

nino_carandang
12-14-2007, 10:19 AM
There is no fix for this. Even if you disable the right click, the fact that the image is displayed on the browser means you can extract the image. And there's always print screen :)

Got that right GMT. Disabling the right click won't help anything. Members can always view the images from the posted links anyway and score the files from there.

David Tong
12-14-2007, 10:25 AM
Yup, just view source and pull the url from there :D

NinoPasamonte
12-14-2007, 10:40 AM
Hi Mark,

Thanks for the heads-up about a security hole discovery. I just sent you a PM :)

markrgitol
12-14-2007, 11:13 AM
Thanks for the response Sir. I hope we can resolve it. I will try to conduct more tests and will keep you posted if I ever find something. More power!

jerrytieng
12-14-2007, 11:16 AM
Hi Mark, Hi Nino, I'd like to learn about the security hole. I'm trying to learn as much as I can about hardening websites as I run a couple as well. Just share it with me, if it's okay.

In this case, the hole would have to be fixed by the software publisher of this forum software, right?

markrgitol
12-14-2007, 11:41 AM
Hi Mark, Hi Nino, I'd like to learn about the security hole. I'm trying to learn as much as I can about hardening websites as I run a couple as well. Just share it with me, if it's okay.

Hello Sir Jerry. I sent you a backgrounder on the nature of the issue.


In this case, the hole would have to be fixed by the software publisher of this forum software, right?

Most probably the software used here (vBulletin) has provisions that allow administrators to fine-tune security settings, but I am not sure. We'll have to leave that to Sir Nino for now. :)

Christian VS Vasquez
12-14-2007, 01:05 PM
Mark... please send me the details also... thanks... I also am maintaining a couple of websites with a LAMP stack.